CVE-2014-5388
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2014-5388
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2014-5388.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2014-5388
- Downstream
- Related
- Published
- 2014-11-15T21:59:05Z
- Modified
- 2025-08-09T19:01:27Z
- Summary
- [none]
- Details
-
Off-by-one error in the pci_read function in the ACPI PCI hotplug interface (hw/acpi/pcihp.c) in QEMU allows local guest users to obtain sensitive information and have other unspecified impact related to a crafted PCI device that triggers memory corruption.
- References
-
- http://seclists.org/oss-sec/2014/q3/438
- http://seclists.org/oss-sec/2014/q3/440
- http://www.ubuntu.com/usn/USN-2409-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1132956
- https://lists.gnu.org/archive/html/qemu-devel/2014-08/msg03338.html
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=fa365d7cd11185237471823a5a33d36765454e16